From: Felix Fietkau <nbd@openwrt.org>
To: David Miller <davem@davemloft.net>
Cc: ddaney@caviumnetworks.com, eric.dumazet@gmail.com,
netdev@vger.kernel.org, buytenh@wantstofly.org
Subject: [PATCH v3] skbuff: align sk_buff::cb to 64 bit and close some potential holes
Date: Tue, 23 Feb 2010 22:45:51 +0100 [thread overview]
Message-ID: <4B844C8F.2060908@openwrt.org> (raw)
In-Reply-To: <20100212.121306.225788982.davem@davemloft.net>
The alignment requirement for 64-bit load/store instructions on ARM is
implementation defined. Some CPUs (such as Marvell Feroceon) do not
generate an exception, if such an instruction is executed with an
address that is not 64 bit aligned. In such a case, the Feroceon
corrupts adjacent memory, which showed up in my tests as a crash in the
rx path of ath9k that only occured with CONFIG_XFRM set.
This crash happened, because the first field of the mac80211 rx status
info in the cb is an u64, and changing it corrupted the skb->sp field.
This patch also closes some potential pre-existing holes in the sk_buff
struct surrounding the cb[] area.
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@kernel.org
---
sorry that it took so long for me to post this, i completely forgot
about it, as I had other things to take care of ;)
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -315,22 +315,23 @@ struct sk_buff {
struct sk_buff *next;
struct sk_buff *prev;
- struct sock *sk;
ktime_t tstamp;
+
+ struct sock *sk;
struct net_device *dev;
- unsigned long _skb_dst;
-#ifdef CONFIG_XFRM
- struct sec_path *sp;
-#endif
/*
* This is the control buffer. It is free to use for every
* layer. Please put your private variables there. If you
* want to keep them across layers you have to do a skb_clone()
* first. This is owned by whoever has the skb queued ATM.
*/
- char cb[48];
+ char cb[48] __aligned(8);
+ unsigned long _skb_dst;
+#ifdef CONFIG_XFRM
+ struct sec_path *sp;
+#endif
unsigned int len,
data_len;
__u16 mac_len,
next prev parent reply other threads:[~2010-02-23 21:46 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-01-30 0:38 [PATCH v2] skbuff: align sk_buff::cb to 64 bit Felix Fietkau
2010-01-30 7:07 ` Eric Dumazet
2010-02-01 18:26 ` David Daney
2010-02-01 18:37 ` Felix Fietkau
2010-02-12 20:13 ` David Miller
2010-02-23 21:45 ` Felix Fietkau [this message]
2010-02-27 11:17 ` [PATCH v3] skbuff: align sk_buff::cb to 64 bit and close some potential holes David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B844C8F.2060908@openwrt.org \
--to=nbd@openwrt.org \
--cc=buytenh@wantstofly.org \
--cc=davem@davemloft.net \
--cc=ddaney@caviumnetworks.com \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.